Security | News

Ed Sector Worse than Others in Virtual Machine Security

Nearly every large organization has experienced some kind of "significant" IT security incident in the last year, such as a phishing attack, compliance policy violation or unsanctioned device or application use. One in six have had five or more such events. Yet, only a third of security professionals have any confidence that their operations will be able to address inadequate security controls through investment or upgrade. Four out of 10 security people find it more challenging to manage security problems now vs. two years ago. The four biggest challenges among that group: prevention, diagnosis, remediation and identification.

These are some of the findings of a research project done by IDG Connect for ForeScout, a company that sells security products. The researchers queried 1,600 "IT information security decision makers" in American and European organizations with more than 500 employees. Twenty four percent of the survey respondents were in the education segment.

The report, "State of IT Cyber Defense Maturity," free with registration, stated that education (along with manufacturing and finance) were "more prone" to phishing attack than other segments.

In the areas of policy definition, technical controls and mitigation capabilities, the education sector came out as the least mature. Education also appears to have more issues with virtual machine security (68 percent) and inventory management (65 percent) compared to the industry aggregate (58 percent and 58 percent, respectively).

The education sector was the least confident of any that it would be able to address gaps in security event logging and monitoring tools. Likewise, only a third of education respondents reported that they were "very confident" they could improve security measures for managing mobile devices anytime soon; the remainder were either not or only somewhat confident they could address this area.

About the Author

Dian Schaffhauser is a writer who covers technology and business for a number of publications. Contact her at dian@dischaffhauser.com.

comments powered by Disqus